If your business is still running Windows XP, you’ll need to rapidly make plans to transition away from the platform to avoid being caught in the flood of exploits expected shortly after April 8, 2014. If you are in a regulated vertical like healthcare or banking, getting away from XP is not just a good business decision – it’s mandatory.
Windows XP, originally released in 2001, has been Microsoft’s most venerable operating system to date. It was a huge leap forward for Microsoft and solidified Windows as the most dominant desktop operating system – commanding more than 80% of the market at its peak. That victory for Microsoft is now creating a problem for consumers and businesses: Windows XP will reach end of life on April 8th 2014, after which Microsoft will no longer provide security updates. With Windows XP still representing almost 30% of all computer operating systems, the looming security risk should not be ignored.
What Does “End of Life” Really Mean?
Most Microsoft products have a pre-determined shelf life – a certain amount of time that Microsoft will continue devoting resources to the product for enhancements, updates, support, and patches. For operating systems, this is usually about 10 years before the product is considered outside of “Extended Support”. Windows XP will be more than 12 years old when it officially reaches the end of its Extended Support period. End of Extended Support does not mean the operating system will stop working, but it does mean that Microsoft will not patch any discovered vulnerabilities. It’s the lack of patches that should concern any business still running Windows XP in their environment, particularly those in compliance driven industries such as healthcare or banking.
The Permanent Zero-Day Vulnerability
When a vulnerability is discovered in software, including operating systems, attackers have a small window of opportunity to exploit the vulnerability through viruses and other malicious code before it is patched by the manufacturer. This time period and the attacks that follow are considered “zero day” until the software publisher can counter them. Vulnerabilities for Windows XP have steadily increased over the past few years as the technology it is built upon becomes more outdated. With Microsoft discontinuing patches for Windows XP, security researches are sounding the alarms about the “forever zero day” exploits that are coming in the days after April 8th – vulnerabilities that attackers are waiting until XP’s end-of-life to expose in order to prevent them from ever being patched. Additionally, as patches are released for newer versions of Windows (Vista, 7, and 8), attackers will simply reverse engineer them to see if the same vulnerabilities exist in XP.
The Best Path Forward
There are many options for shedding vulnerable Windows XP systems for more secure solutions, but what’s the best path forward? Every business has different needs and we always try to craft solutions that are affordable, minimize disruption, and future proof your business. Some businesses may want to simply swap XP machines for Microsoft’s latest Windows 8.1 operating system. Many are finding great value in Cloud Desktop solutions that minimize downtime and provide a way for users to connect to their desktop anywhere, anytime, on any device. We recommend working with our solutions team to help find the right option for you before April 8th.